On FreeBSD, we can use jail to restrict user. But jail don't exist on Linux. (It may exist, but its not part of the system.) Jail on FreeBSD is Virtualization on the OS level. We can achieve the same thing on Linux. I suggest you to read that article, since it also mention some program that can do that. I recommend Virtualization on the OS level for more performance:

So basically, you run like a second OS, and your friend will be restricted to it, and its content. The second Os that will run will like run inside a folder, and your friend wont be able to exit it to see the rest of your file. He will be restricted only to it. This has more advantage over chroot, since it may be easy to escape a sandbox created by a chroot.

You will be able to access the minecraft folder without any problem. But you will have to also install screen on the second OS, if you want your friend to have access to screen, and install all other thing you want your friend to have access.

Normally, your second OS will have its specific IP, you just have to say that whenever something connect to your computer to port x and y, redirect it to that IP. So if he connect to your computer trough port (the port you want him to use to SSH) he is redirected in the second OS. Same with the minecraft port.

Also, to make it more easy to you, you could create a symlink to the minecraft folder, so you don't always to have to go to the second OS's folder to reach the minecraft folder.

It may be not the best solution for you (or it may be) but its still a viable solution that you should consider, as its not hard to set up, and offer the most security and privacy.